{"id":3106,"date":"2024-12-05T08:16:59","date_gmt":"2024-12-05T08:16:59","guid":{"rendered":"https:\/\/certera.com\/blog\/?p=3106"},"modified":"2025-09-26T09:09:15","modified_gmt":"2025-09-26T09:09:15","slug":"rockstar-2fa-a-growing-threat-in-phishing-as-a-service","status":"publish","type":"post","link":"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/","title":{"rendered":"Rockstar 2FA: A Growing Threat in Phishing-as-a-Service"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">In recent months, a new phishing-as-a-service (PhaaS) platform called Rockstar 2FA has been launched, which has the potential to carry out large-scale adversary-in-the-middle (AiTM) attacks owing to its effectiveness.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This platform focuses on Microsoft 365 accounts and is very risky because it bypasses multifactor authentication (MFA) through session cookie hijacking, enabling attackers to compromise accounts even with MFA enabled.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In this article, we will explore the features of Rockstar 2FA, the attack flow that an attacker goes through, the security risks that come with it, and some mitigation techniques that can be put in place to prevent such an attack.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-is-rockstar-2fa\">What is Rockstar 2FA?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Rockstar 2FA is an arsenal of phishing resources that belongs to the newest generation of PhaaS solutions, which aim to make it easier for cybercriminals to create sophisticated phishing campaigns.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Also Read:<\/strong> <a href=\"https:\/\/certera.com\/blog\/phishing-attacks-explained-how-to-spot-and-prevent-online-scams\/\">Phishing Attacks: How to Spot and Prevent Online Scams?<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">It is an advanced version of the previous phishing kits, such as DadSec and Phoenix, that became active in 2023. 
This updated platform targets Microsoft 365 users and other services, including Hotmail, GoDaddy, and Single Sign-On (SSO) platforms.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Rockstar 2FA differs from traditional phishing in that it circumvents <a href=\"https:\/\/certera.com\/blog\/common-multi-factor-authentication-mfa-risk-and-vulnerabilities\/\">Multifactor Authentication (MFA)<\/a> through an advanced Adversary-in-the-Middle (AiTM) attack. In these attacks, the attacker does not necessarily gain the victim&#8217;s login information.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Instead of capturing the credentials, the attacker hijacks the valid session cookies from the victim&#8217;s browser after the victim has provided their credentials on a phishing login page.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This enables the attacker to bypass MFA and access the victim&#8217;s account without the password or the MFA token.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-key-features-of-rockstar-2fa\">Key Features of Rockstar 2FA<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-mfa-bypass\">MFA Bypass<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The core capability of Rockstar 2FA is the ability to steal session cookies. 
When an unsuspecting victim enters their credentials on a rogue Microsoft 365 page, the AiTM server quickly forwards them to the Microsoft service for actual authentication.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">After the account is validated, a session cookie is returned to the victim&#8217;s browser, only to be forwarded to the attacker, giving the attacker access to the account.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-low-cost-and-accessible\">Low-Cost and Accessible<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The pricing model attracts cybercriminals: Rockstar 2FA charges $200 for two weeks or $180 for an API renewal.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This makes it accessible to almost anyone. It is distributed on platforms like Telegram, which makes it relatively easy to acquire and explains its wide use among threat actors.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-customizable-phishing-pages\">Customizable Phishing Pages<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">It allows phishing pages to be created and customized with branded graphics, such as logos and background images, to make them look more authentic and realistic. It also offers login themes, which increase the chances of successful phishing.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-obfuscation-and-evasion-techniques\">Obfuscation and Evasion Techniques<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Rockstar 2FA uses obfuscated code to evade detection by security systems. 
Its features include Cloudflare Turnstile Captcha, which filters bot traffic, and fully undetectable (FUD) links and attachments, which make phishing emails much more challenging to identify.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-real-time-monitoring\">Real-Time Monitoring<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The admin panel provides a full set of features, including real-time logging and high-activity reporting. It enables the cybercriminal to monitor many metrics in detail, including the total number of compromised accounts, the bots successfully blocked, and the successful phishing attempts.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-attack-flow\">Attack Flow<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The attack usually begins with a phishing email that sends the victim to a phishing login page for Microsoft 365. Some of the most common baits include shared documents, password reset requests, and HR- or payroll-related messages.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The victim reaches the fake login page and submits their credentials without knowing that all their login information is being captured.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Once the victim&#8217;s credentials are submitted, the Rockstar 2FA server sends the credentials to Microsoft&#8217;s authentic service. The authentication is finalized, and a session cookie is returned to the victim&#8217;s browser.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">At this point, the attacker captures the session cookie, which can be used to bypass MFA and take control of the victim&#8217;s account. 
This works even though MFA is still enabled on the account.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-rockstar-2fa-mitigation-strategies\">Rockstar 2FA Mitigation Strategies<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-email-security\">Email Security<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Adequate protection can be obtained through sophisticated email filters that identify phishing messages carrying a malware-laden link or hazardous attachments.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Monitoring organizational email traffic can also help <a href=\"https:\/\/certera.com\/kb\/how-to-tell-if-an-email-is-fake-or-real\/\">recognize suspicious emails<\/a>, including those with attachments sent from compromised accounts or sent as marketing emails through an account.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-enhance-multifactor-authentication\">Enhance Multifactor Authentication<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Use a hardware token, such as a <a href=\"https:\/\/certera.com\/blog\/how-to-use-yubikey-in-code-signing-certificate\/\">YubiKey<\/a>, a stronger and more secure form of multifactor authentication that cannot be broken as easily as conventional SMS or app-based methods.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-session-management\">Session Management<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Robust and comprehensive session management policies must include automatic timeouts for sessions and re-authentication requirements when performing high-risk actions.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This is crucial because it limits a session cookie&#8217;s lifetime and drastically reduces the window of opportunity that attackers have to exploit existing vulnerabilities.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-user-education\">User Education<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Recurring training programs must 
help users learn to recognize phishing attempts and understand the need to report suspicious emails they receive.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Moreover, employees should be taught how to verify login pages, and the essential practice of not entering their credentials on unknown or untrusted sites has to be internalized.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-continuous-monitoring-with-comprehensive-logging\">Continuous Monitoring with Comprehensive Logging<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Implement real-time monitoring and comprehensive logging to enable effective detection of suspicious login patterns and failed login attempts.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Behavior-based anomaly detection tools can go a long way in identifying suspicious access attempts, significantly contributing to mitigating potential attacks.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-protect-your-organization-with-certera-anti-phishing-solution\">Protect Your Organization with Certera Anti-Phishing Solution<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">As cybercriminals are able to bypass MFA protections by launching large-scale phishing campaigns, it is essential to stay ahead of them with proactive defense strategies.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/certera.com\/\">Certera<\/a> Anti-Phishing Solution gives comprehensive protection against sophisticated threats using cutting-edge technology to identify and neutralize phishing attacks before they hit your users.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In recent months, a new PhaaS platform called Rockstar 2FA has been launched, which has the potential to carry out large-scale AiTM attacks owing to its effectiveness. 
This platform focuses on Microsoft 365 accounts and is very risky because it bypasses multifactor authentication (MFA)&nbsp; through session cookie hijacking, thus enabling attackers to compromise accounts even<span class=\"morelink d-block mt-3\"><a href=\"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/\">Read More<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":3108,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26,31],"tags":[607,606],"class_list":["post-3106","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-consulting-services","category-cyber-attack","tag-phaas","tag-phishing-as-a-service","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Rockstar 2FA: A Growing Threat in Phishing-as-a-Service (PhaaS)<\/title>\n<meta name=\"description\" content=\"Recently, New Rockstar 2FA phishing service targets Microsoft 365 Services. Know everything about it, how to defend your organization.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Rockstar 2FA: A Growing Threat in Phishing-as-a-Service (PhaaS)\" \/>\n<meta property=\"og:description\" content=\"Recently, New Rockstar 2FA phishing service targets Microsoft 365 Services. 
Know everything about it, how to defend your organization.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/\" \/>\n<meta property=\"og:site_name\" content=\"EncryptedFence by Certera - Web &amp; Cyber Security Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/certeraLLC\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-12-05T08:16:59+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-26T09:09:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/certera.com\/blog\/wp-content\/uploads\/2024\/12\/rockstar-2fa.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"960\" \/>\n\t<meta property=\"og:image:height\" content=\"620\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Janki Mehta\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@certera_llc\" \/>\n<meta name=\"twitter:site\" content=\"@certera_llc\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Janki Mehta\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\\\/\"},\"author\":{\"name\":\"Janki Mehta\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/person\\\/e5a476aa90d9e02260ebfe4b0bf046b7\"},\"headline\":\"Rockstar 2FA: A Growing Threat in Phishing-as-a-Service\",\"datePublished\":\"2024-12-05T08:16:59+00:00\",\"dateModified\":\"2025-09-26T09:09:15+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\\\/\"},\"wordCount\":952,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/rockstar-2fa.webp\",\"keywords\":[\"Phaas\",\"Phishing as a Service\"],\"articleSection\":[\"Consulting Services\",\"Cyber Attack\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/certera.com\\\/blog\\\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\\\/#respond\"]}],\"copyrightYear\":\"2024\",\"copyrightHolder\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\\\/\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\\\/\",\"name\":\"Rockstar 2FA: A Growing Threat in 
Phishing-as-a-Service (PhaaS)\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/rockstar-2fa.webp\",\"datePublished\":\"2024-12-05T08:16:59+00:00\",\"dateModified\":\"2025-09-26T09:09:15+00:00\",\"description\":\"Recently, New Rockstar 2FA phishing service targets Microsoft 365 Services. Know everything about it, how to defend your organization.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/certera.com\\\/blog\\\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\\\/#primaryimage\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/rockstar-2fa.webp\",\"contentUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/rockstar-2fa.webp\",\"width\":960,\"height\":620,\"caption\":\"Rockstar 2FA\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/certera.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Rockstar 2FA: A Growing Threat in 
Phishing-as-a-Service\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/\",\"name\":\"EncryptedFence by Certera - Web & Cyber Security Blog\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"},\"alternateName\":\"Certera's EncryptedFence Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/certera.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\",\"name\":\"Certera\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-encryptedfence.svg\",\"contentUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-encryptedfence.svg\",\"caption\":\"Certera\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/certeraLLC\\\/\",\"https:\\\/\\\/x.com\\\/certera_llc\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/certera-llc\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/person\\\/e5a476aa90d9e02260ebfe4b0bf046b7\",\"name\":\"Janki 
Mehta\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"caption\":\"Janki Mehta\"},\"description\":\"Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\\\/Cyber Security industry. She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.\",\"sameAs\":[\"https:\\\/\\\/certerassl.com\\\/\"],\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/author\\\/certerabguser\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Rockstar 2FA: A Growing Threat in Phishing-as-a-Service (PhaaS)","description":"Recently, New Rockstar 2FA phishing service targets Microsoft 365 Services. Know everything about it, how to defend your organization.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/","og_locale":"en_US","og_type":"article","og_title":"Rockstar 2FA: A Growing Threat in Phishing-as-a-Service (PhaaS)","og_description":"Recently, New Rockstar 2FA phishing service targets Microsoft 365 Services. 
Know everything about it, how to defend your organization.","og_url":"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/","og_site_name":"EncryptedFence by Certera - Web &amp; Cyber Security Blog","article_publisher":"https:\/\/www.facebook.com\/certeraLLC\/","article_published_time":"2024-12-05T08:16:59+00:00","article_modified_time":"2025-09-26T09:09:15+00:00","og_image":[{"width":960,"height":620,"url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2024\/12\/rockstar-2fa.webp","type":"image\/jpeg"}],"author":"Janki Mehta","twitter_card":"summary_large_image","twitter_creator":"@certera_llc","twitter_site":"@certera_llc","twitter_misc":{"Written by":"Janki Mehta","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/#article","isPartOf":{"@id":"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/"},"author":{"name":"Janki Mehta","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7"},"headline":"Rockstar 2FA: A Growing Threat in Phishing-as-a-Service","datePublished":"2024-12-05T08:16:59+00:00","dateModified":"2025-09-26T09:09:15+00:00","mainEntityOfPage":{"@id":"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/"},"wordCount":952,"commentCount":0,"publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"image":{"@id":"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2024\/12\/rockstar-2fa.webp","keywords":["Phaas","Phishing as a Service"],"articleSection":["Consulting Services","Cyber 
Attack"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/#respond"]}],"copyrightYear":"2024","copyrightHolder":{"@id":"https:\/\/certera.com\/blog\/#organization"}},{"@type":"WebPage","@id":"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/","url":"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/","name":"Rockstar 2FA: A Growing Threat in Phishing-as-a-Service (PhaaS)","isPartOf":{"@id":"https:\/\/certera.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/#primaryimage"},"image":{"@id":"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2024\/12\/rockstar-2fa.webp","datePublished":"2024-12-05T08:16:59+00:00","dateModified":"2025-09-26T09:09:15+00:00","description":"Recently, New Rockstar 2FA phishing service targets Microsoft 365 Services. 
Know everything about it, how to defend your organization.","breadcrumb":{"@id":"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/#primaryimage","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2024\/12\/rockstar-2fa.webp","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2024\/12\/rockstar-2fa.webp","width":960,"height":620,"caption":"Rockstar 2FA"},{"@type":"BreadcrumbList","@id":"https:\/\/certera.com\/blog\/rockstar-2fa-a-growing-threat-in-phishing-as-a-service\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/certera.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Rockstar 2FA: A Growing Threat in Phishing-as-a-Service"}]},{"@type":"WebSite","@id":"https:\/\/certera.com\/blog\/#website","url":"https:\/\/certera.com\/blog\/","name":"EncryptedFence by Certera - Web & Cyber Security Blog","description":"","publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"alternateName":"Certera's EncryptedFence 
Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/certera.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/certera.com\/blog\/#organization","name":"Certera","url":"https:\/\/certera.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","caption":"Certera"},"image":{"@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/certeraLLC\/","https:\/\/x.com\/certera_llc","https:\/\/www.linkedin.com\/company\/certera-llc\/"]},{"@type":"Person","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7","name":"Janki Mehta","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","caption":"Janki Mehta"},"description":"Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\/Cyber Security industry. 
She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.","sameAs":["https:\/\/certerassl.com\/"],"url":"https:\/\/certera.com\/blog\/author\/certerabguser\/"}]}},"_links":{"self":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3106","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/comments?post=3106"}],"version-history":[{"count":5,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3106\/revisions"}],"predecessor-version":[{"id":3960,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3106\/revisions\/3960"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media\/3108"}],"wp:attachment":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media?parent=3106"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/categories?post=3106"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/tags?post=3106"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}